<?php
/*
* Author: Matthew Wakim
*
* File: NewAccountInfo.php
*
* Purpose: To add new account donations to the site. This will allow the user to add as many donations as needed to the site and then allow for deletion of information that isn't needed once that information is pulled up. This will then put that information into a database that can be searched from the search page that is also connected to the database.
* 
*/

require_once 'login.php';
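// Open the MySQL connection with the settings that login.php supplies
// ($db_hostname, $db_username, $db_password, $db_database) and select the
// working database. Every later mysql_* call in this script uses $db_server.
//
// Driver error text goes to the server log, not the response: a connect
// failure message can name the database host and account.
//
// NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in
// PHP 7.0. Moving to mysqli or PDO with prepared statements has to be done for
// the whole file at once, so it is not attempted in this block.
$db_server = mysql_connect($db_hostname, $db_username, $db_password);
if (!$db_server)
{
	error_log("NewAccountInfo.php: mysql_connect failed: " . mysql_error());
	die("Unable to connect to the database.");
}

if (!mysql_select_db($db_database, $db_server))
{
	error_log("NewAccountInfo.php: mysql_select_db failed: " . mysql_error($db_server));
	die("Unable to select the database.");
}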

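// Handle a submitted form. Two request shapes reach this script:
//   - the per-record DELETE RECORD form posts only `delete` and `accountnumber`;
//   - the ADD RECORD form posts all ten account fields.
// The delete check comes first and does not depend on the add-form fields.
// When it was nested inside the all-fields test, a DELETE RECORD submission
// could never reach it.
//
// NOTE(review): nothing visible in this file checks who is sending the request
// or ties the POST to a form this page rendered (no session check, no CSRF
// token). Confirm whether login.php enforces that; if not, both the delete and
// the insert are open to any client that can reach the page.
if (isset($_POST['delete'], $_POST['accountnumber']))
{
	$accountnumber = get_post('accountnumber');

	// get_post() escapes for a *quoted* SQL string only, so the value has to sit
	// between quotes. Unquoted, input such as "0 OR 1=1" contains nothing that
	// the escaping touches and would change the WHERE clause.
	$query = "DELETE FROM accountinfo WHERE accountnumber='$accountnumber'";

	if (!mysql_query($query, $db_server))
	{
		// The statement holds request data and mysql_error() can quote part of
		// it, so neither is echoed into the HTML response.
		error_log("NewAccountInfo.php: DELETE failed: " . mysql_error($db_server));
		echo "DELETE failed.<br /><br />";
	}
}
elseif (isset(
	$_POST['firstname'],
	$_POST['lastname'],
	$_POST['accountnumber'],
	$_POST['middleinitial'],
	$_POST['streetaddress'],
	$_POST['city'],
	$_POST['state'],
	$_POST['zipcode'],
	$_POST['homephone'],
	$_POST['cellphone']
))
{
	$firstname = get_post('firstname');
	$lastname = get_post('lastname');
	$accountnumber = get_post('accountnumber');
	$middleinitial = get_post('middleinitial');
	$streetaddress = get_post('streetaddress');
	$city = get_post('city');
	$state = get_post('state');
	$zipcode = get_post('zipcode');
	$homephone = get_post('homephone');
	$cellphone = get_post('cellphone');

	// Every value is quoted, which is the context get_post() escapes for.
	// NOTE(review): with no column list, this relies on the table's column order
	// matching the order below. Confirm against the accountinfo schema.
	$query = "INSERT INTO accountinfo VALUES" . "('$firstname', '$lastname', '$accountnumber', '$middleinitial', '$streetaddress', '$city', '$state', '$zipcode', '$homephone', '$cellphone')";

	if (!mysql_query($query, $db_server))
	{
		// Same handling as the DELETE branch: log the detail, show a generic message.
		error_log("NewAccountInfo.php: INSERT failed: " . mysql_error($db_server));
		echo "INSERT failed.<br /><br />";
	}
}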
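// Entry form for a new account; it posts all ten fields back to this script.
// The action now uses the same spelling as the per-record delete form further
// down and the file name in the header comment. The earlier
// "NewAccountinfo.php" differed only in letter case, which does not resolve on
// a case-sensitive filesystem.
// NOTE(review): the form carries no CSRF token. Add one together with a
// server-side check if this page sits behind an authenticated session.
echo <<<_END
<form action="NewAccountInfo.php" method="post"><pre>
				New Account Information
				
Account Number: <input type="text" name="accountnumber" />

    First Name: <input type="text" name="firstname" /> Last Name: <input type="text" name="lastname" />Middle Initial: <input type="text" name="middleinitial" />
	
Street Address: <input type="text" name="streetaddress" />      City: <input type="text" name="city" />         State: <input type="text" name="state" />

      Zip Code: <input type="text" name="zipcode" />Home Phone: <input type="text" name="homephone" />    Cell Phone: <input type="text" name="cellphone" />
	 	   
		   <input type="submit" value="ADD RECORD" />
		  
</pre> </form>
_END;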
	
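// List every stored account, each followed by its own DELETE RECORD form,
// then close the connection.
$query = "SELECT * FROM accountinfo";
$result = mysql_query($query, $db_server);

// The original test read `!result` (no `$`), which never fired, so a failed
// SELECT fell through to the row loop.
if (!$result)
{
	error_log("NewAccountInfo.php: SELECT failed: " . mysql_error($db_server));
	die("Database access failed.");
}

while ($row = mysql_fetch_row($result))
{
	// Stored values came from the add form and are attacker-controllable text.
	// HTML-encode each one before it is written into the page and into the
	// hidden input's attribute. ENT_QUOTES covers both quote styles.
	// NOTE(review): this uses PHP's configured default charset. Pass an explicit
	// charset if the page encoding differs.
	$safe = array();
	foreach ($row as $value)
	{
		$safe[] = htmlspecialchars((string) $value, ENT_QUOTES);
	}

	// Indexes follow the column order used by the INSERT in this file:
	// 0 first name, 1 last name, 2 account number, 3 middle initial, 4 street,
	// 5 city, 6 state, 7 zip, 8 home phone, 9 cell phone.
echo <<<_END
	<pre>
	Account Number: $safe[2]
	    First Name: $safe[0]
	     Last Name: $safe[1]
	Middle Initial: $safe[3]
	Street Address: $safe[4]
	          City: $safe[5]
	         State: $safe[6]
	      Zip Code: $safe[7]
	    Home Phone: $safe[8]
	    Cell Phone: $safe[9]
	</pre>
	<form action="NewAccountInfo.php" method="post">
	<input type="hidden" name="delete" value="yes" />
	<input type="hidden" name="accountnumber" value="$safe[2]" />
	<input type="submit" value="DELETE RECORD" /> </form>
_END;
}

mysql_close($db_server);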

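/**
 * Fetch one POST field, escaped for use inside a quoted MySQL string literal.
 *
 * mysql_real_escape_string() only protects a value that is placed between
 * quotes in the SQL text ('...'). It does not make a value safe as a bare
 * number or identifier, and it does no HTML encoding, so callers must quote
 * the result in SQL and encode separately for output. It also needs an open
 * mysql_* connection, since it uses the most recently opened link.
 *
 * @param string $var Name of the $_POST field to read.
 * @return string Escaped value, or '' when the field is absent or is not a
 *                plain string (for example an array sent as field[]=...).
 */
function get_post($var)
{
	// A missing key or an array value would otherwise raise a notice or warning
	// and hand a non-string to the escaping function.
	if (!isset($_POST[$var]) || !is_string($_POST[$var]))
	{
		return '';
	}

	return mysql_real_escape_string($_POST[$var]);
}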


?>